Page 1 of 1
Trunk + Access Ports same RB
Posted: Sun Sep 25, 2016 2:08 am
by ragno
Hello!
I'm trying to reproduce this scenario of Mikrotik Wiki:
http://wiki.mikrotik.com/wiki/Manual:Sw ... s_Ports.29
I want to be able from a Mikrotik RB951 to have a trunk port on eth2 and access ports with vlan 200,300,400 running on eth3, eth4, eth5 respectively
This is my environment that does not works..
What should I'm doing wrong?
Slide1.PNG
Re: Trunk + Access Ports same RB
Posted: Mon Sep 26, 2016 10:39 am
by becs
Looks like you need to configure "switch1-cpu" port just like "ether2" port in the switch menu to allow access to DHCP servers configured on VLAN interfaces.
Re: Trunk + Access Ports same RB
Posted: Mon Sep 26, 2016 5:18 pm
by ragno
Looks like you need to configure "switch1-cpu" port just like "ether2" port in the switch menu to allow access to DHCP servers configured on VLAN interfaces.
Tryed what you said but didn't work yet. Even setting a manual IP on the pc interfaces, can't ping the vlan gateway:
sw.PNG
Re: Trunk + Access Ports same RB
Posted: Mon Sep 26, 2016 5:26 pm
by razavim
whats is the configuration of 2nd device?
please export that as well
Sent from my SM-N910C using Tapatalk
Re: Trunk + Access Ports same RB
Posted: Mon Sep 26, 2016 5:41 pm
by ragno
The other device is a Cisco SG300 switch:
switchf450d5#sh running-config
config-file-header
switchf450d5
v1.3.0.62 / R750_NIK_1_3_647_260
CLI v1.0
set system mode switch
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 200,300,400
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
hostname switchf450d5
line console
no autobaud
exit
no passwords complexity enable
ip ssh server
ip telnet server
!
interface vlan 1
ip address 192.168.1.254 0.0.0.0
no ip address dhcp
!
interface vlan 200
name "vlan200"
!
interface vlan 300
name "vlan300"
!
interface vlan 400
name "vlan400"
!
interface gigabitethernet1
switchport trunk allowed vlan add 200,300,400
!
interface gigabitethernet3
switchport mode access
switchport access vlan 200
!
interface gigabitethernet4
switchport mode access
switchport access vlan 300
!
interface gigabitethernet5
switchport mode access
switchport access vlan 400
!
exit
Re: Trunk + Access Ports same RB
Posted: Mon Sep 26, 2016 10:13 pm
by skuykend
Did you add the switch1-cpu to the vlan tab as well as the ports tab?
Re: Trunk + Access Ports same RB
Posted: Tue Sep 27, 2016 12:43 am
by ragno
Did you add the switch1-cpu to the vlan tab as well as the ports tab?
Did that and now it is working! But what's means placing this "switch1-cpu" inside de vlans? What's the logic that I should understand?
switch1cpu.PNG
And why is shown switch2-cpu / switch3-cpu ?
sw3.PNG
Re: Trunk + Access Ports same RB
Posted: Tue Sep 27, 2016 1:23 am
by pe1chl
The MikroTik swich configuration is hard to understand because it is based on how the switch chip has
to be programmed by the software, rather than on the typical view of a switch by the network engineer.
I had similar problems as you when trying to configure a MikroTik switch (part of a router) with tagged
and untagged VLANs, and when it all works it appears so obvious...
The documentation in the WiKi is also a bit lacking, "documentation by example" is sometimes useful
but should not be the only thing.
Re: Trunk + Access Ports same RB
Posted: Tue Sep 27, 2016 3:45 am
by skuykend
Did that and now it is working! But what's means placing this "switch1-cpu" inside de vlans? What's the logic that I should understand?
I consider it two separate devices.... 6 port switch and one port router... hooked up by virtual Ethernet... on the switch side as swith1-cpu and the router side as the master-port.
And why is shown switch2-cpu / switch3-cpu ?
I think that was a bug at one time. You're pretty behind on updates, I'd update to at least 6.34x bug fix only.
Re: Trunk + Access Ports same RB
Posted: Tue Sep 27, 2016 4:49 am
by ragno
I think that was a bug at one time. You're pretty behind on updates, I'd update to at least 6.34x bug fix only.
Yes! I've updated to 6.34.6 and now is correct:
swupdated.PNG
Re: Trunk + Access Ports same RB
Posted: Tue Sep 27, 2016 4:59 am
by ragno
Is it correct to assume when working with VLANs using the switch instead of bridges, is the best practice in terms of performance?
When using the switch like I did, we are using the ASIC chip, and the processor is more "free" to work with routes, QoS, etc? and if use bridges, the VLANs workload pass to the processor ? Am I wrong with this idea?
Re: Trunk + Access Ports same RB
Posted: Tue Sep 27, 2016 5:51 am
by skuykend
Is it correct to assume when working with VLANs using the switch instead of bridges, is the best practice in terms of performance?
When using the switch like I did, we are using the ASIC chip, and the processor is more "free" to work with routes, QoS, etc? and if use bridges, the VLANs workload pass to the processor ? Am I wrong with this idea?
Definitely faster and less bottlenecks using the switch. Bridging does at least two things.
1. Sends everything to the cpu for processing, so takes cpu resources.
2. Sending everything to cpu also limits the total bandwidth across the switch to the bandwidth of the cpu links. (Very important on Gigabit switches, some Fast Ethernets have the CPU integrated)